Securing Electronic Medical Records Still Causing Headaches
Tripwire announces new solution for easily monitoring EMRs for risks and maintaining compliance
PORTLAND, Ore. – November 08, 2017 – Electronic Medical Records (EMR) have been widely adopted by healthcare providers to improve operational efficiency and patient care. As with the adoption of any new technology that continues to evolve, with benefits come risks. EMRs have given rise to new considerations around cyber risk for healthcare providers and have helped spark a conversation around the potential impact cyber security can have on patients.
When it comes to securing EMRs, the top concern is around protecting patient information, specifically “electronic Protected Health Information” (ePHI). The Health Insurance Portability and Accountability Act (HIPAA) was established to address this; it set a national set of minimum security standards for protecting all ePHI under the HIPAA Security Rule.
“There’s more to protect, fewer resources with which to do it, and more change alerts than one person can handle. And yet, many providers are still trying to manage security and compliance for their EMRs manually,” said Tim Erlin, vice president of product management and strategy at Tripwire. “A manual process will not actually be able to answer a good auditors’ questions. Home-grown scripts are concerning to an auditor; they prefer third party effort. On top of all that, cyberattacks can go undetected if not monitored in real time.”
For healthcare security leaders who need to protect EMR systems, Tripwire provides integrity monitoring and secure configuration management to protect against unauthorized changes. Expanding upon its existing support for EPIC systems, Tripwire’s automated EMR security and compliance solution now supports Cerner and Allscripts systems. As an extension of Tripwire Enterprise, the EMR solution also alerts users to possible insider threats with capabilities for managing administrative privileges. Finally, the EMR Security & Compliance helps providers achieve and maintain compliance with HIPAA and NIST 800-(53 & 171) across the entire EMR environment including file systems, AD/LDAP, and databases.With a comprehensive solution for implementing foundational security controls, healthcare providers can meet their security and compliance needs while maintaining operational excellence and enhancing patient care with more confidence.
Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at https://www.tripwire.com/blog/ or follow us on Twitter @TripwireInc.